<?php
// declare(strict_types = 1);

namespace app\middleware;

use app\common\Token;

class checkToken
{
    /**
     * 处理请求
     *
     * @param \think\Request $request
     * @param \Closure       $next
     * @return Response
     */
    public function handle($request, \Closure $next)
    {
        $path=$request->server()['PATH_INFO'];
        $index= strstr($path, "/admin/");
        if ($path!='/admin/user/center/login'&&$index) {
            // #header
            $header=$request->header();
            if (isset($header['x-csrf-token'])) {
                $token=$header['x-csrf-token'];
                $data= Token::decode($token);
                if (!$data['valid']) {
                    $json=array('data'=>[],'code'=>-1,'tips'=>'token已失效');
                    return json($json, 200);
                }
            } else {
                $json=array('data'=>[],'code'=>-1,'tips'=>'token已失效');
                return json($json, 200);
            }
        }
        $response = $next($request);
        return $response;
    }
}
